You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Nick Gearls <ni...@gmail.com> on 2008/01/24 17:10:55 UTC

Certificate validation problems trapping - bug #35083

Hello,

The proposed patch generalizes a mechanism that currently exist, but is 
incomplete.
It now allows to accept all SSL connections that fail for any reason 
related to certificate verification or validation.

Could this be included in next release ?
This has a huge impact on the user, as it is possible to give a 
meaningful error message in case of a problem (like "your certificate is 
revoked"), instead of a network error at SSL level.

The patch is quite simple, and it is used in several major Governmental 
servers in Belgium, so we shouldn't expect problems.

Regards,

Nick